Building security resilience against threats
Today’s global risk landscape has made digital and physical security even more complex and nuanced, especially considering major critical events like the invasion of Ukraine, which demonstrate that one massive critical event can create many others globally with far-reaching effects. These can include displacement of people, physical security threats, cyber-attacks, and other devastating impacts.
The urgent question facing government and business leaders around the world today, including security professionals, is how to build resilience against threats – both unexpected and anticipated – to keep people safe and organizations running.
To gather insights about how security professionals can help build a more resilient posture for their organizations and the people they protect, we spoke with Everbridge Chief Security Officer (CSO) Tracy Reinhold, Everbridge Chief Information Security Officer (CISO) Jeremy Capell, and VP of Travel Risk Management, Matthew Judge.
Together, they highlight the following 5 key areas for building a more resilient security posture to protect people, assets, and operations.
1. Aggregation and deconfliction of intelligence
Reinhold: “When you are constructing a process that allows an organization to be resilient, one of the things that’s critical is the aggregation and deconfliction of intelligence. So, the aggregation is important, but without the deconfliction, what you’re getting is just an overabundance of information that actually makes it more difficult for you to maintain your resilience. The deconfliction is actually where we only look at information that’s relevant so that we can make informed decisions in a timely manner that actually allows us to potentially get ahead of threats or to respond to threats more quickly and efficiently.”
2. Secure communications
Capell: “Communication between platforms and solutions that you have and the individuals on the ground [must be] encrypted and secured… Having that secure communication makes sure that, A) when disseminating it, the individuals receive it, but it cannot be disrupted. It cannot be altered in any form whatsoever… It again, becomes extraordinarily important to make sure that there is encryption, make sure that those communications are sound and secured, both from the safety of the individuals, but also from getting the right information. Whether that is a cyber-attack or a physical attack, the quicker you respond, the quicker you have the ability to contain and make the right decisions.”
3. Security for traveling and remote employees
Judge: “We need to see [which employees are] there and impacted, and alert those individuals. We need to divert other individuals that are in nearby locations to avoid the situation, and we need to stop people from going to [dangerous] locations and making the situation worse. Then obviously, we need to provide services on the ground in those locations to assist the people or the personnel that are potentially impacted… Leveraging technology to underpin the process and help communicate those alerts and request information from those that are potentially impacted to confirm their location, check they’re safe or whether they need any assistance, first and foremost, but then we can also use that information to dispatch on the ground services to those locations where people need help.”
4. Response automation, and acceleration
Reinhold: “Accelerating your response capability actually helps you better protect your employees and your organization. While we have forever depended on human interaction, the beautiful thing about technology is it has allowed us to accelerate our capabilities exponentially. Now, not always will you want to have an automated response. There are occasions where you have to have human interaction. So, the ability to maintain operational analytic assistance is critical, whether you are a traveling executive, whether you’re an employee in a hot zone, or whether you are a company that has suppliers or vendors or customers in areas of concern.”
“Our job as professionals is to close that gap so that that vulnerability and risk diminishes exponentially, which allows you to better protect your organization.”
5. Uninterrupted access to security solutions
Capell: “As an organization or a state, what we really need to be thinking about is how to prepare ourselves for [critical events.] So, for me, the number one thing would be access to [security] solutions…If you cannot access those environments to be able to manage that crisis, it becomes a catastrophe. And this is where having ability, for instance, in the Everbridge platforms where you have distributed DNS capabilities, so you have multiple different entry points, you’ve got VPN capabilities, which can disguise where your location is or at least ensure that there’s encryption between your organization and that management plane of how you’re going to control these disruptions.”